DevOps Engineer (Security Focus)

We’re looking for a DevOps Engineer with a strong security focus to join our DevOps team. This is a hands-on role focused on application security and CI/CD pipeline hardening, ideal for someone who wants to further develop expertise in security-related areas while working with modern tooling and engineering teams.

In this position, you will work as part of the DevOps team while closely collaborating with the Security team, which will be the primary stakeholder for security-related initiatives and improvements.

Finteqhub

А PCI DSS certified payment gateway for online businesses, providing integration with payment systems via a single software platform.
Learn more

• Design and implement security checks in CI/CD pipelines (GitHub, GitLab)
• Configure and maintain SAST, SCA, and container scanning tools (Trivy, Dependabot)
• Identify and remediate vulnerabilities in applications and container images
• Support container image scanning and image signing practices
• Write and maintain automation scripts (Python, Bash)
• Collaborate with engineering teams to embed security into development workflows

• 3+ years of experience in DevOps, DevSecOps, Infrastructure Engineering, Platform Engineering, Security Engineering, or similar roles
• Hands-on experience with CI/CD pipelines (GitHub or GitLab)
• Strong hands-on experience with security tools, including SAST, SCA, container scanning, and related CI/CD security tooling in production environments
• Practical experience with Kubernetes and Helm
• Hands-on experience with provisioning and maintaining infrastructure in cloud environments (AWS, GCP, Azure, or OCI)
• Hands-on experience with Terraform and Ansible for infrastructure automation, provisioning, and configuration management
• Basic scripting skills (Python, Bash)
• Understanding of OWASP Top 10
• Strong interest in security and a security-first mindset
• Ability and willingness to work closely with Security teams and drive security-related improvements within engineering workflows

• Exposure to Kubernetes security tools (Kyverno, OPA, StackRox)
• Experience with GitOps tools such as ArgoCD or Flux2
• Background in securing infrastructure against PCI DSS requirements